links for 2008-11-18
November 19, 2008

Versions of Mozilla Firefox prior to 2.0.0.10 are vulnerable to a race condition when setting 'window.location' values using JavaScript. In some circumstances, the race condition can be exploited to spoof referer headers. Specially crafted iframe content can be used to perform cross-site request forgery (CSRF) against sites that accept GET requests and use referer checking for protection.
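
The exposure described above depends on the server as much as the browser: a handler that changes state on GET and trusts the referer header alone has no defence left once that header can be spoofed. The following is an added example, not code from the original page, contrasting that check with a session-bound token check; the origin, the `x-csrf-token` header name, the session ids and the key are constructed for illustration.

```javascript
// Added example: constructed origin, header name, session ids and key.
const nodeCrypto = require('node:crypto');

const SITE_ORIGIN = 'https://bank.example';        // constructed
const SERVER_KEY = nodeCrypto.randomBytes(32);     // per-deployment secret (assumption)
const SAFE_METHODS = new Set(['GET', 'HEAD', 'OPTIONS']);

// Weak pattern: Referer is the only gate, so a spoofed header is enough.
function refererOnlyCheck(req) {
  return (req.headers.referer || '').startsWith(SITE_ORIGIN + '/');
}

// Token bound to the session: HMAC-SHA256 of the session id under the server key.
function issueToken(sessionId) {
  return nodeCrypto.createHmac('sha256', SERVER_KEY).update(sessionId).digest('hex');
}

function tokenMatches(sessionId, presented) {
  const expected = Buffer.from(issueToken(sessionId));
  const got = Buffer.from(String(presented || ''));
  // Length check first: timingSafeEqual throws on unequal lengths.
  return got.length === expected.length && nodeCrypto.timingSafeEqual(got, expected);
}

// Hardened check: no state change on safe methods, token required otherwise.
function hardenedCheck(req, changesState) {
  if (SAFE_METHODS.has(req.method)) {
    return changesState ? 'reject: state change on safe method' : 'allow';
  }
  return tokenMatches(req.sessionId, req.headers['x-csrf-token'])
    ? 'allow' : 'reject: missing or wrong token';
}

// Constructed requests: same spoofed Referer, with and without a valid token.
const referer = SITE_ORIGIN + '/account';
const forgedGet = { method: 'GET', sessionId: 'sess-1', headers: { referer } };
const forgedPost = { method: 'POST', sessionId: 'sess-1', headers: { referer } };
const legitPost = { method: 'POST', sessionId: 'sess-1',
  headers: { referer, 'x-csrf-token': issueToken('sess-1') } };

for (const [name, req] of Object.entries({ forgedGet, forgedPost, legitPost })) {
  console.log(name, '| referer-only:', refererOnlyCheck(req), '| hardened:', hardenedCheck(req, true));
}
```

All three requests pass the referer-only check; only the one carrying the token issued for its own session passes the hardened check.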